Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

playwiffme

Posted 30 March 2017 - 10:01 AM

RKinner

Posted 30 March 2017 - 10:05 AM

RKinner

Malware Expert

Expert

20,333 posts

Windows Installer.

For Safe Mode:

If the problem is not being able to hit F8 during boot and get in to Safe Mode then you can search for

msconfig

and hit Enter.

Then on the Boot tab, check Safe Boot and Network. Then OK and reboot. It should go into Safe Mode with Networking on its own. You will have to go back into msconfig and uncheck them or it will keep going to safe Mode.

playwiffme

Posted 30 March 2017 - 10:22 AM

playwiffme

Member

Topic Starter

Member

61 posts

Besides all that, if the computer cannot boot up using the F8 function, you lose more than just Safe Mode.

I'd like to know that the computer is capable of booting into the safe mode/command mode area because we often get electrical spikes causing the computer to shut down and/or shut down and start up and there have been times i have had to move the selection bar to repair mode (such as CHKDSK) - if the computer doesn't enter into this it will not boot into Windows.

playwiffme

Posted 30 March 2017 - 10:25 AM

playwiffme

Member

Topic Starter

Member

61 posts

This computer is at my business and it NEEDS to function as it did in the past - it takes orders electronically, processes credit cards, makes and prints invoices, etc. - if not, then I'm forced to do a re-format to insure the business doesn't get shut-down for something I can correct now.

playwiffme

Posted 30 March 2017 - 11:38 AM

playwiffme

Member

Topic Starter

Member

61 posts

Nothing happens when pressing F8 and that's what scares me...should we get an electrical spike the computer should shutoff/reboot as in the past it would go into Advanced Boot Mode making me select anything from Repair This Computer to Safe Mode or Start Windows Normally. Because the F8 key is not functioning I have no idea what will happen. How do we know the computer even has the capability to go into Advanced Boot Mode?

The keyboard is NOT wireless - USB connect

0

Advertisements

playwiffme

Posted 30 March 2017 - 12:05 PM

playwiffme

Member

Topic Starter

Member

61 posts

I just re-booted, tried tapping F8 to enter into Advanced Mode/Safe Mode - the computer remained with a black screen for 17 minutes until Windows finally opened. You could hear the hardware working during this time and it was like it was trying to figure out where to take me next - like something is screwed up in the booting sequence or maybe the winload.exe file is corrupt? - it wouldn't surprise me that all those blue screens I saw while trying to get rid of this virus didn't have an effect.

RKinner

Posted 30 March 2017 - 12:29 PM

Assuming the F8 is not defective the usual fix is a Repair Install which then requires that you download and install 200+ updates on Win 7.

However we can try and look at the boot log and see if we see something obvious. Search for

msconfig

hit Enter

under the boot tab

check boot log

OK

Reboot and then try to get into Safe Mode

Once it finally gives up and boots into regular mode, give it a few minutes to finish the boot then restart it into regular mode.

Go back in to msconfig and uncheck bootlog

Now find the file: c:\windows\ntbtlog.txt and open it in notepad and copy and paste the whole thing. (You can attach it if you would rather.) If it says the file is in use you can usually copy it and then paste it on to your desktop and open it from there.

One other thing we need is an export of

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot

go in to regedit and locate the above key. Right click on SafeBoot and Export (to your desktop - call it sb). Rename sb.reg to sb.txt and attach it to the Reply.

Looking at safeboot in my win 7 it looks generic so we can also try just replacing your safeboot with an export of mine but let me look at yours first.

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.254.254
Tcpip\..\Interfaces\{95C5EA71-8623-416C-AAEC-D3AA4AF7581A}: [DhcpNameServer] 192.168.254.254
Tcpip\..\Interfaces\{9612667B-16FF-47A2-8AC8-4084E6EAD0FB}: [DhcpNameServer] 192.168.254.254

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed